[Samba] protocol error with OpenLDAP, v3

Andrew Bartlett abartlet at samba.org
Wed Oct 9 12:34:01 GMT 2002

"Malte Müller" wrote:
> I sort of succesfully installed samba2.2.5 with OpenLDAP 2.0.26 as a PDC on one
> machine.
> Alas the performance is very poor. Authentication process takes 10 Seconds pser, noticable one or two seconds per "net use d:" in the logon script.
> The process which consumes all CPU cycles is slap. I tried to tune with some h
> help of openLDAP mailinglist members (indices, nscd), but i didn't solve the
> problem.
> Now I try to set up a second machine with SuSE 8.1 with OpenLDAP 2.1.x and
> Samba 2.2.6pre2. It compiles and links fine, but when I try to log in
> it says:
> passdb/pdb_ldap.c: ldap_open_connection(216) connection opened
> passdb/pdb_ldap.c: ldap_connect_system(246)  Bind failed: protocol error
> I can search the ldap-database and authenticate against it from command-line
> i.e. ldasearch -w -W uid=administrator.
> I assume that samba can not handle ldap v3?

Samba just doesn't use it by default, in 2.2.  I added this to 3.0, when
i got bitten by the same issue.  The OpenLDAP folks decided that they
would force people to use LDAPv3, unless you explicitly configured
otherwise.  Some distributions set this, for admin sanity.  Lookup the
OpenLDAP doco, and reenable v2 binds.

I'll bug jerry about adding the extra 1 line to 2.2.6 before it's

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba mailing list